Restricting user access to home directories
I am using Fedora Core 1.0 on my Web server and have installed VSFTPD on it. If I create an account and give it a home directory (i.e., /var/www/test) and try to access FTP with this account, it goes into the directory /var/www/test. However, if after logging into FTP I press the "back" button, it takes me to /var/www folder where the user can see all of the data. How do I restrict the user to access their home directories only?
In order to lock a user into their home directory, you need to look at vsftpd's chroot functionality. You need to edit the /etc/vsftpd/vsftpd.conf configuration file and change the chroot_list_enable option to "yes." Then, specify a file called /etc/vsftpd.chroot and add all the users you wish to chroot to this file.
Or, if you wish all users to be chroot'ed, then you can set the chroot_local_user option to "yes." Chrooting an FTP server can be complicated and have some serious security implications. I recommend you read the vsftpd.conf man page carefully.
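Added example, not part of the original answer: a bash helper that reads a vsftpd.conf and reports whether a given local user ends up chrooted, including the case documented in the vsftpd.conf man page where setting both chroot_local_user and chroot_list_enable turns the list into a list of users who are not jailed. The function names, user names and temporary files are made up for illustration; /etc/vsftpd.chroot_list is the man page default used when chroot_list_file is unset.

```shell
#!/usr/bin/env bash
# Added example: report whether vsftpd would chroot a given local user.

# Print the last value assigned to KEY in CONF, or DEFAULT if it is unset.
# vsftpd.conf lines are "option=value" with no spaces around "="; "#" starts a comment.
vsftpd_opt() {
    local conf="$1" key="$2" default="$3" val
    val=$(sed -n "s/^${key}=//p" "$conf" | tail -n 1 | tr -d '\r')
    printf '%s\n' "${val:-$default}"
}

# True if the boolean option KEY is set to YES (compared case-insensitively).
vsftpd_yes() {
    [ "$(vsftpd_opt "$1" "$2" NO | tr '[:lower:]' '[:upper:]')" = "YES" ]
}

# Print "jailed" or "not-jailed" for USER under the settings in CONF.
# Simplification of this example: an unreadable list file is treated as empty.
chroot_status() {
    local conf="$1" user="$2" list listed=no
    list=$(vsftpd_opt "$conf" chroot_list_file /etc/vsftpd.chroot_list)
    if vsftpd_yes "$conf" chroot_list_enable && [ -r "$list" ] \
        && grep -qxF -- "$user" "$list"; then
        listed=yes
    fi
    if vsftpd_yes "$conf" chroot_local_user; then
        # Everyone is jailed; with the list enabled, listed users are exempt.
        [ "$listed" = yes ] && echo not-jailed || echo jailed
    else
        # Nobody is jailed by default; with the list enabled, listed users are.
        [ "$listed" = yes ] && echo jailed || echo not-jailed
    fi
}

# Constructed demo: the user names and files below are made up for illustration.
demo() {
    local d; d=$(mktemp -d)
    printf 'test\n' > "$d/chroot_list"
    printf 'chroot_list_enable=YES\nchroot_list_file=%s\n' "$d/chroot_list" > "$d/a.conf"
    printf 'chroot_local_user=YES\nchroot_list_enable=YES\nchroot_list_file=%s\n' \
        "$d/chroot_list" > "$d/b.conf"
    echo "list only:        test=$(chroot_status "$d/a.conf" test) alice=$(chroot_status "$d/a.conf" alice)"
    echo "all users + list: test=$(chroot_status "$d/b.conf" test) alice=$(chroot_status "$d/b.conf" alice)"
    rm -rf "$d"
}
demo
```

Running `chroot_status /etc/vsftpd/vsftpd.conf test` against the live configuration shows which way the list is being interpreted before an account is handed out.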
This was first published in February 2006